Credit Card Status: Stolen

I've been bamboozled.  Well, not exactly bamboozled, but I always wanted to use that word.  I'm not exactly sure when this happened, but it was likely on my recent trip to Atlanta.  Someone ripped off my credit card number.  This sucks.  My credit card activity has gone up quite a bit with a lot of regional travel (when driving personally owned cars, as I typically do, we expense mileage, not gas/maintenance).

So, Saturday afternoon there's a call on the machine in a computerized voice that basically identifies itself as my credit card's fraud prevention department, looking to confirm recent activity.  It asks me to call a given 800 number to verify this activity.  I kind of figured this was a false alarm since I visited several states over the previous few days, and the last time this happened it was a false alarm.  (And, I'm _all_ for it -- I'd rather have them err on the side of caution.)

But what bothers me is that, when I call the 800 number, it's really not clear who I'm talking to.  The computerized system on the other end is asking me for more information regarding my account, so I hang up.

To top it off, this number was not on the back of the card.  Long story short, this call was, in fact, completely legit and was from the fraud prevention department, but how was I to know that?  This is just like the countless phishing e-mails providing a modicum of information, trying to capitalize on a little fear, and by the time you realize what happens, you've given away too much information.

So what should the message have said?  Well, it should just say, "Call the fraud number on the back of your card to verify activity."  (That's what I ended up doing.)

And the credit card?  Now cancelled.  Fortunately it was only a very small charge (likely to test whether or not it would work) and easy enough to dispute.  How these small charges trip the fraud detection scheme in a sea of activity is beyond me, but I'm sure it's all pattern recognition. 

A lot of this reminds me of what Cardspace is trying to solve: trusted communication.  Someone pretending to be me ... the system didn't quite buy it; the system called me ... I didn't quite buy it; I call them back ... and of course, they don't "trust" they're talking to me.  Good times.

Comments (1) -

Marcus Shockley
Marcus Shockley
7/23/2007 9:08:10 AM #

Several years ago I had a card number stolen. I recall having to physically go to my bank branch with a printed transaction list, showing that charges were being made in Charlotte, Dallas, and Rome...all in the same day, within a few minutes of each other. I would assume that fraud detection algorithms have improved slightly.

Comments are closed

My Apps

Dark Skies Astrophotography Journal Vol 1 Explore The Moon
Mars Explorer Moons of Jupiter Messier Object Explorer
Brew Finder Earthquake Explorer Venus Explorer  

My Worldmap

Month List